JoshSupport
New member
JSecurity professional – advanced Linux server security with a detailed report. Each secured server or VPS handled by our in-house dedicated security engineer (DSE). First we audit the server, next we provide you with a detailed report and as final accordingly to your approval we proceed with all the reported proposed changes. Each secured server covered at no extra cost by our guaranteed 30 days support, to handle any issues related to the security work we have done on your server. Below is 29 of the different security features we consider during each and every server or VPS security work.
Linux Malware Detect (LMD) – This is a malware scanner for Linux released under the GNU GPLv2 license, that is designed around the threats faced in shared hosted environments. It uses threat data from network edge intrusion detection systems to extract malware that is actively being used in attacks and generates signatures for detection.
Advanced Policy Firewall (APF) – This is an iptables(netfilter) based firewall system designed around the essential needs of today’s Internet deployed servers and the unique needs of custom deployed Linux installations.
Brute Force Detection (BFD) – is a modular shell script for parsing application logs and checking for authentication failures. It does this using a rules system where application specific options are stored including regular expressions for each unique auth format.
Incremental rsync (irsync) – The irsync tool is an incremental wrapper for the rsync utility, though this is native-supported by rsync, the irsync tool provides convenience features. The design goals behind irsync were to provide a tool that would allow me to create point-in-time incremental backups that used as little space as possible on the storage media in addition to having a complete and effective MySQL backup routine.
Linux Environment Security (LES) – This is intended as a facility to quickly & easily secure RedHat/RPM based environments. It does such by enforcing root-only permissions on system binaries (binaries that have no place being executed by normal users), enforcing root-only path traversal on system paths, enforcing immutable bit on essential rpm package contents (i.e: coreutils), and enforcing immutable bit on shell profile scripts.
Linux Socket Monitor (LSM) – This is a network socket monitor; it is designed to track changes to Network sockets and Unix domain sockets, effectively a port monitor. It does this by a rather simple differential based comparison of current and new server sockets (Server Ports).
Network socket inode validation (NSIV) – This is a rule based utility intended to aid in the validation of inodes against each LISTEN socket on a system. The nature for this app is such that rouge binaries can easily hijack a user, program privileges, or work space; and utilize such to kill the old service & execute a new service on the known port they crashed.
Process Resource Monitor (PRM) – This is a CPU, Memory, Processes & Run (Elapsed) Time resource monitor for Linux & BSD. The flexibility of PRM is achieved through global scoped resource limits or rule-based per-process / per-user limits.
System Integrity Monitor (SIM) – This is a system and services monitor for ‘SysVinit’ systems. It is designed to be intuitive and modular in nature, and to provide a clean and informative status system.
System Priority (SPRI) – This is a utility designed to que different processes with different priority levels based on 3 class levels of importance (high,med,low). The average load level of a server can be substantially decreased by using spri, of course results may vary.
ConfigServer Firewall (csf) – A Stateful Packet Inspection (SPI) firewall, Login/Intrusion Detection and Security application for Linux servers.
Login Failure Daemon (lfd) – This daemon runs all the time and periodically (every X seconds) scans the latest log file entries for login attempts against your server that continually fail within a short period of time. Such attempts are often called “Brute-force attacks” and the daemon process responds very quickly to such patterns and blocks offending IP’s quickly.
Securing Temporary Directory – We need to secure /tmp by removing unwanted permissions which will help to execute malicious scripts. We also need to remove unused and insecure directories from the server.
Disable or Remove Insecure Scripts – There are a lot of scripts which will be installed along with the control panel installation. We need only a few of them, the rest of the scripts are unused and will be vulnerable. We remove or disable such scripts to prevent attack to the server.
Securing and Optimizing Basic Services – We will optimize and secure basic services like Web Server, FTP Server, Mail Server, Database Server, DNS Server.
Securing SSH – SSH is the main channel to enter into the server using full access. This channel should be the most secured one. For this we need to change the SSH protocol, the port number and direct root access. If you are the only one accessing the server we will help you to setup SSH Key Authentication by which you will be the only person who will have access to SSH to the server.
Disable unused applications – We bother least about the unused applications, we don’t keep them upto date and this is the main cause of vulnerabilities. We need to keep our installed packages to minimum. We will remove all the unwanted packages in a server and will help prevent vulnerabilites in the server.
Update Applications – We keep all the packages upto date to prevent vulnerabilities.
Custom Version – We also help to install and run two versions of application, sometimes required by a particular project.
Scan for virus and malware – We scan the server periodically for virus and malware using tools like Maldet, Clamav, RKHunter, Chkrootkit etc.
Mod_security – This act as an extra security layer for Apache. This prevents all attacks based on URL and prevents intrusion.
Mod_evasive – This is installed in case of DDOS attack through apache. It prevents brute force attack in web application.
Optimize and Strengthen PHP – We disable potentially dangerous php functions and optimize the php configuration for the smooth functioning of your websites.
Logwatch – This analysis the logs and send a daily report.
Optimize Outgoing DNS Resolvers – Make the necessary changes to optimize the DNS lookups.
Harden Sysctl.conf – Will modify sysctl.conf to harden the TCP/IP stack from syn-flood and other network attacks.
Harden DNS – We make changes DNS configuration to prevent your server from being used in a DDoS attack. Your DNS server cannot be queried from outside.
Monitoring Tools – We install monitoring tools like atop, mytop, multitail etc to monitor the server.
Root Login Alert – We setup root login alert to get notification as soon as someone is logged in as root user.
30 Days Support Included – we will handle without any additional charge any issues related to our security work as done on the server.
Supported Control Panels:
cPanel/WHM
DirectAdmin
Plesk
Virtualmin
ISPConfig
Pricing:
$19.95/ One Time Fee
Learn more:
http://joshsupport.com/linux-server-security/
Linux Malware Detect (LMD) – This is a malware scanner for Linux released under the GNU GPLv2 license, that is designed around the threats faced in shared hosted environments. It uses threat data from network edge intrusion detection systems to extract malware that is actively being used in attacks and generates signatures for detection.
Advanced Policy Firewall (APF) – This is an iptables(netfilter) based firewall system designed around the essential needs of today’s Internet deployed servers and the unique needs of custom deployed Linux installations.
Brute Force Detection (BFD) – is a modular shell script for parsing application logs and checking for authentication failures. It does this using a rules system where application specific options are stored including regular expressions for each unique auth format.
Incremental rsync (irsync) – The irsync tool is an incremental wrapper for the rsync utility, though this is native-supported by rsync, the irsync tool provides convenience features. The design goals behind irsync were to provide a tool that would allow me to create point-in-time incremental backups that used as little space as possible on the storage media in addition to having a complete and effective MySQL backup routine.
Linux Environment Security (LES) – This is intended as a facility to quickly & easily secure RedHat/RPM based environments. It does such by enforcing root-only permissions on system binaries (binaries that have no place being executed by normal users), enforcing root-only path traversal on system paths, enforcing immutable bit on essential rpm package contents (i.e: coreutils), and enforcing immutable bit on shell profile scripts.
Linux Socket Monitor (LSM) – This is a network socket monitor; it is designed to track changes to Network sockets and Unix domain sockets, effectively a port monitor. It does this by a rather simple differential based comparison of current and new server sockets (Server Ports).
Network socket inode validation (NSIV) – This is a rule based utility intended to aid in the validation of inodes against each LISTEN socket on a system. The nature for this app is such that rouge binaries can easily hijack a user, program privileges, or work space; and utilize such to kill the old service & execute a new service on the known port they crashed.
Process Resource Monitor (PRM) – This is a CPU, Memory, Processes & Run (Elapsed) Time resource monitor for Linux & BSD. The flexibility of PRM is achieved through global scoped resource limits or rule-based per-process / per-user limits.
System Integrity Monitor (SIM) – This is a system and services monitor for ‘SysVinit’ systems. It is designed to be intuitive and modular in nature, and to provide a clean and informative status system.
System Priority (SPRI) – This is a utility designed to que different processes with different priority levels based on 3 class levels of importance (high,med,low). The average load level of a server can be substantially decreased by using spri, of course results may vary.
ConfigServer Firewall (csf) – A Stateful Packet Inspection (SPI) firewall, Login/Intrusion Detection and Security application for Linux servers.
Login Failure Daemon (lfd) – This daemon runs all the time and periodically (every X seconds) scans the latest log file entries for login attempts against your server that continually fail within a short period of time. Such attempts are often called “Brute-force attacks” and the daemon process responds very quickly to such patterns and blocks offending IP’s quickly.
Securing Temporary Directory – We need to secure /tmp by removing unwanted permissions which will help to execute malicious scripts. We also need to remove unused and insecure directories from the server.
Disable or Remove Insecure Scripts – There are a lot of scripts which will be installed along with the control panel installation. We need only a few of them, the rest of the scripts are unused and will be vulnerable. We remove or disable such scripts to prevent attack to the server.
Securing and Optimizing Basic Services – We will optimize and secure basic services like Web Server, FTP Server, Mail Server, Database Server, DNS Server.
Securing SSH – SSH is the main channel to enter into the server using full access. This channel should be the most secured one. For this we need to change the SSH protocol, the port number and direct root access. If you are the only one accessing the server we will help you to setup SSH Key Authentication by which you will be the only person who will have access to SSH to the server.
Disable unused applications – We bother least about the unused applications, we don’t keep them upto date and this is the main cause of vulnerabilities. We need to keep our installed packages to minimum. We will remove all the unwanted packages in a server and will help prevent vulnerabilites in the server.
Update Applications – We keep all the packages upto date to prevent vulnerabilities.
Custom Version – We also help to install and run two versions of application, sometimes required by a particular project.
Scan for virus and malware – We scan the server periodically for virus and malware using tools like Maldet, Clamav, RKHunter, Chkrootkit etc.
Mod_security – This act as an extra security layer for Apache. This prevents all attacks based on URL and prevents intrusion.
Mod_evasive – This is installed in case of DDOS attack through apache. It prevents brute force attack in web application.
Optimize and Strengthen PHP – We disable potentially dangerous php functions and optimize the php configuration for the smooth functioning of your websites.
Logwatch – This analysis the logs and send a daily report.
Optimize Outgoing DNS Resolvers – Make the necessary changes to optimize the DNS lookups.
Harden Sysctl.conf – Will modify sysctl.conf to harden the TCP/IP stack from syn-flood and other network attacks.
Harden DNS – We make changes DNS configuration to prevent your server from being used in a DDoS attack. Your DNS server cannot be queried from outside.
Monitoring Tools – We install monitoring tools like atop, mytop, multitail etc to monitor the server.
Root Login Alert – We setup root login alert to get notification as soon as someone is logged in as root user.
30 Days Support Included – we will handle without any additional charge any issues related to our security work as done on the server.
Supported Control Panels:
cPanel/WHM
DirectAdmin
Plesk
Virtualmin
ISPConfig
Pricing:
$19.95/ One Time Fee
Learn more:
http://joshsupport.com/linux-server-security/
